<?php
require_once("includes/config.php");
/*if (!$_SESSION['User']  || $_SESSION['User']->rid != '2')
{
	$smarty->assign('error',$msg_mustlogin);
	$smarty->display('tpls/index.tpl');
	die();
} */
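// Request-wide input filtering. $Security is not defined in this file (presumably set up by
// includes/config.php). NOTE(review): what GET_XSS() and Injection() actually filter is not visible
// here; do not treat them as a substitute for parameterized queries and output escaping further down.
$Security->GET_XSS();
$Security->Injection();
///default header
// Array keys are quoted: a bare word such as $_GET[token] is an undefined constant, which raises a
// warning on PHP 7.2+ and a fatal Error on PHP 8. A missing parameter yields null instead of a notice.
$token=isset($_GET['token']) ? $_GET['token'] : null;
$email=isset($_GET['email']) ? $_GET['email'] : null;
$action=isset($_GET['action']) ? $_GET['action'] : null;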

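// Dispatches the account-activation flow on ?action=:
//   act        - validate the activation token and show the "set password" form
//   chpwd      - store the new password for the session user
//   ceodetails - store profile details plus an uploaded identity copy
// Any other (or missing) action produces no output.
switch($action)
{
	case "act":
		if (validateActivationToken($token)){
			// NOTE(review): $username is not assigned before this call in this script, so the first
			// argument is an undefined (null) value; confirm what fetchUserDetails() expects there.
			$username=fetchUserDetails($username,$token);
			// The activation token alone establishes the session here, so it acts as a bearer
			// credential carried in the URL. NOTE(review): consider regenerating the session id
			// at this point so a pre-set session id cannot be reused after activation.
			$_SESSION['User']= getUserSessionObject($username['Username']);
			if ($_SESSION['User']->password == null)
			{
				$smarty->assign('username',$_SESSION['User']->username);
				$content=$smarty->fetch('tpls/changepassword.tpl');
				$smarty->assign('content',$content);
				$smarty->display('tpls/main.tpl');
				exit;
			}
			// The account already has a password: do not leave a session that was created from the
			// activation token alone, otherwise the link works as a passwordless login. Whether
			// validateActivationToken() already rejects used tokens is not visible from this file.
			$_SESSION['User']=null;
		}else{echo "to do  already activated";}
		break;

	case "chpwd":
		// Only a logged-in user with role id '2' may set a password; anything else is logged out.
		if (empty($_SESSION['User']) || $_SESSION['User']->rid != '2'){
			$_SESSION['User']=null;
			$smarty->assign('error',$msg_mustlogin);
			$smarty->display('tpls/index.tpl');
			die();
		}
		// NOTE(review): no anti-CSRF token is checked on this state-changing POST in the visible code.
		$password1= isset($_POST['password1']) ? $_POST['password1'] : null;
		$password2= isset($_POST['password2']) ? $_POST['password2'] : null;

		// Strict comparison: with == two different numeric-looking strings (e.g. "1e3" and "1000")
		// compare equal. Missing, non-string (array) or empty values are rejected as well, so an
		// empty password can never be stored.
		$passwordsUsable = is_string($password1) && is_string($password2)
			&& $password1 !== '' && $password1 === $password2;

		if($passwordsUsable){
			if (ChangePassword($password1,$_SESSION['User']->activation)){
				$smarty->assign('error',$msg_passwordChanged);
				$content=$smarty->fetch('tpls/ceo-add-details.tpl');
				$smarty->assign('content',$content);
				$smarty->display('tpls/main.tpl');
				exit;
			}else{
				//todo display invalid token message.
				echo "invalid token . failed to change password";
			}

		}else{
			// Re-show the form; the mismatch message is the only validation message this script has.
			$smarty->assign('error',$msg_passworddoesntmatch);
			$content=$smarty->fetch('tpls/changepassword.tpl');
			$smarty->assign('content',$content);
			$smarty->display('tpls/main.tpl');
			exit;

		}

		break;

	case "ceodetails":
		// Same session check as "chpwd": without it an unauthenticated request could reach
		// FileUpload()/AddUserDetails() and would dereference a missing $_SESSION['User'] below.
		// NOTE(review): adjust the role test if other roles legitimately reach this step.
		if (empty($_SESSION['User']) || $_SESSION['User']->rid != '2'){
			$_SESSION['User']=null;
			$smarty->assign('error',$msg_mustlogin);
			$smarty->display('tpls/index.tpl');
			die();
		}
		if(!empty($_POST)){
			// NOTE(review): $arName is read from the "EnName" field and $enName from "ArName".
			// This looks swapped, but the form and AddUserDetails() are not visible here, so the
			// mapping is kept exactly as it was - confirm against the template.
			$arName=isset($_POST['EnName']) ? $_POST['EnName'] : null;
			$enName=isset($_POST['ArName']) ? $_POST['ArName'] : null;
			$PhoneNo=isset($_POST['PhoneNo']) ? $_POST['PhoneNo'] : null;
			$MobileNo=isset($_POST['MobileNo']) ? $_POST['MobileNo'] : null;
			$IdentityNumber=isset($_POST['IdentityNumber']) ? $_POST['IdentityNumber'] : null;
			//$IdentityCopy=$_POST[IdentityCopy];

			// FileUpload() is defined elsewhere; file type, size and storage-path validation have to
			// happen there. Its return value is passed on unchecked - TODO confirm its failure value.
			$fid=FileUpload();
			if(AddUserDetails($arName,$enName,$PhoneNo,$MobileNo,$IdentityNumber,$fid))
			{
				//update user status
				if($_SESSION['User']->active==1 || $_SESSION['User']->active==0){
					setUserActive('',2,$_SESSION['User']->uid);
				}
				$smarty->assign('username',$_SESSION['User']->username);
				$smarty->display('tpls/ceo-main.tpl');
				exit;
			}
		}
		// No POST data, or saving failed: show the details form (again).
		$content=$smarty->fetch('tpls/ceo-add-details.tpl');
		$smarty->assign('content',$content);
		$smarty->display('tpls/ceo-main.tpl');

		break;
}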

?>